khosb/modules/ssl/classes/ssl.php
2012-12-21 10:33:38 +11:00


<?php
// Direct-access guard: stop unless the SYSPATH constant has already been defined by whatever loaded this file.
if (! defined('SYSPATH'))
	die('No direct access allowed.');
/**
* Static helpers for reading fields out of X.509 (SSL) certificates and CSRs using PHP's OpenSSL functions
*
* @package OSB
* @subpackage System
* @category Helpers
* @author Deon George
* @copyright (c) 2010 Open Source Billing
* @license http://dev.osbill.net/license.html
*/
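class SSL {
	/**
	 * Return a new SSL object. Every helper in this class is static, so the
	 * instance carries no state.
	 *
	 * @return SSL
	 */
	public static function instance() {
		return new SSL;
	}

	/**
	 * Decode a certificate with openssl_x509_parse() and return either the
	 * whole result or one top-level field.
	 *
	 * openssl_x509_parse() only decodes the certificate. It does not check the
	 * signature, the validity period or the issuing chain, so every value
	 * obtained through this class is only as trustworthy as the source of
	 * $cert. Verify the certificate separately before using any field for an
	 * authentication or authorisation decision.
	 *
	 * @param mixed $cert Certificate in any form openssl_x509_parse() accepts
	 * @param string|NULL $key Field to return, or NULL for the whole result
	 * @return mixed The parse result (FALSE when parsing failed) if $key is
	 *               NULL, otherwise the field value or NULL when it is absent
	 */
	public static function details($cert,$key=NULL) {
		$k = openssl_x509_parse($cert);

		if (is_null($key))
			return $k;

		// A failed parse returns FALSE; do not index into it
		return (is_array($k) AND isset($k[$key])) ? $k[$key] : NULL;
	}

	/**
	 * Return the signature algorithm named in the certificate's text dump.
	 *
	 * @param mixed $cert Certificate
	 * @param mixed $key Unused, kept for interface compatibility
	 * @return string Algorithm name, '' for an empty $cert, or the translated
	 *                'Unknown' when it cannot be determined
	 */
	public static function algorithm($cert,$key=NULL) {
		if (! $cert)
			return '';

		$e = '';
		$r = openssl_x509_read($cert);

		// An unreadable certificate leaves nothing to export or search
		if ($r === FALSE OR ! openssl_x509_export($r,$e,FALSE))
			return _('Unknown');

		// @todo There must be a nice way to get this?
		// The third argument FALSE asks for the human readable dump; the first
		// "Signature Algorithm:" line in it is the one reported.
		if (preg_match('/^\s+Signature Algorithm:\s*(.*)\s*$/m',(string) $e,$match))
			return trim($match[1]);

		return _('Unknown');
	}

	/**
	 * Split the authorityKeyIdentifier extension into its labelled parts.
	 *
	 * NOTE(review): this assumes every line of the extension text has the form
	 * "label:value" (keyid, DirName, serial). That text is produced by OpenSSL
	 * for display - confirm the layout against the OpenSSL version in use.
	 *
	 * @param mixed $cert Certificate
	 * @param string|NULL $key Lower case label to return, or NULL for all
	 * @return mixed Array of label => value, or one value (NULL when absent)
	 */
	public static function aki($cert,$key=NULL) {
		$k = array();
		$aki = static::extensions($cert,'authorityKeyIdentifier');

		// The extension is optional, so there may be nothing to split
		if (is_string($aki))
			foreach (explode("\n",preg_replace("/\n$/",'',$aki)) as $x) {
				// Skip lines that are not "label:value"
				if (strpos($x,':') === FALSE)
					continue;

				list($a,$b) = explode(':',$x,2);
				$k[strtolower($a)] = $b;
			}

		if (is_null($key))
			return $k;

		return isset($k[$key]) ? $k[$key] : NULL;
	}

	/**
	 * @param mixed $key Certificate
	 * @return string|NULL The keyid part of the authority key identifier
	 */
	public static function aki_keyid($key) {
		return static::aki($key,'keyid');
	}

	/**
	 * @param mixed $key Certificate
	 * @return string|NULL The dirname part of the authority key identifier
	 */
	public static function aki_dirname($key) {
		return static::aki($key,'dirname');
	}

	/**
	 * @param mixed $key Certificate
	 * @return string|NULL The serial part of the authority key identifier
	 */
	public static function aki_serial($key) {
		return static::aki($key,'serial');
	}

	/**
	 * Return the subject as a "K=V,K=V" string.
	 *
	 * The values are joined as they are, with no escaping of ',' or '=', so
	 * the result is a display string. Do not parse it back into fields or
	 * compare it to decide who a certificate belongs to.
	 *
	 * @param mixed $cert Certificate
	 * @return string '' when $cert is empty or cannot be parsed
	 */
	public static function dn($cert) {
		if (! $cert)
			return '';

		return static::format_dn(static::details($cert,'subject'));
	}

	/**
	 * Return the issuer as a "K=V,K=V" string. The same caveat as for dn()
	 * applies: the result is unescaped and meant for display only.
	 *
	 * @param mixed $cert Certificate
	 * @return string '' when $cert is empty or cannot be parsed
	 */
	public static function dnissuer($cert) {
		if (! $cert)
			return '';

		return static::format_dn(static::details($cert,'issuer'));
	}

	/**
	 * @param mixed $cert Certificate
	 * @return mixed The CN of the issuer, or NULL when there is none
	 */
	public static function issuer($cert) {
		$k = static::details($cert,'issuer');

		return (is_array($k) AND isset($k['CN'])) ? $k['CN'] : NULL;
	}

	/**
	 * @param mixed $cert Certificate
	 * @param bool $format Pass the timestamp through Config::date()
	 * @return mixed Start of the validity period (validFrom_time_t)
	 */
	public static function from($cert,$format=FALSE) {
		$k = static::details($cert,'validFrom_time_t');

		return $format ? Config::date($k) : $k;
	}

	/**
	 * @param mixed $key Certificate
	 * @param bool $format Pass the timestamp through Config::date()
	 * @return mixed End of the validity period (validTo_time_t)
	 */
	public static function expire($key,$format=FALSE) {
		$k = static::details($key,'validTo_time_t');

		return $format ? Config::date($k) : $k;
	}

	/**
	 * @param mixed $cert Certificate
	 * @param string|NULL $key Extension name, or NULL for all extensions
	 * @return mixed All extensions, or one (NULL when it is not present)
	 */
	public static function extensions($cert,$key=NULL) {
		$k = static::details($cert,'extensions');

		if (is_null($key))
			return $k;

		return (is_array($k) AND isset($k[$key])) ? $k[$key] : NULL;
	}

	/**
	 * @param mixed $key Certificate
	 * @return mixed The 'hash' field of the parsed certificate
	 */
	public static function hash($key) {
		return static::details($key,'hash');
	}

	/**
	 * @param mixed $key Certificate
	 * @return string Serial number as colon separated hex bytes, '' if unknown
	 */
	public static function serial($key) {
		return static::dec_to_hex(static::details($key,'serialNumber'));
	}

	/**
	 * @param mixed $key Certificate
	 * @return mixed The CN of the subject, or NULL when there is none
	 */
	public static function subject($key) {
		$k = static::details($key,'subject');

		return (is_array($k) AND isset($k['CN'])) ? $k['CN'] : NULL;
	}

	/**
	 * @param mixed $key Certificate
	 * @return mixed The subjectKeyIdentifier extension, or NULL
	 */
	public static function ski($key) {
		return static::extensions($key,'subjectKeyIdentifier');
	}

	/**
	 * @param mixed $key Certificate
	 * @return mixed The 'version' field of the parsed certificate
	 */
	public static function version($key) {
		return static::details($key,'version');
	}

	/**
	 * @param mixed $csr Certificate signing request
	 * @return mixed The CN requested in the CSR, or NULL when it has none or
	 *               the CSR cannot be read
	 */
	public static function csrsubject($csr) {
		$c = openssl_csr_get_subject($csr);

		return (is_array($c) AND isset($c['CN'])) ? $c['CN'] : NULL;
	}

	/**
	 * Join the parts of a parsed name as "K=V,K=V".
	 *
	 * @param mixed $parts The 'subject' or 'issuer' array of a parsed certificate
	 * @return string '' when $parts is not an array
	 */
	private static function format_dn($parts) {
		if (! is_array($parts))
			return '';

		$rdn = array();

		foreach ($parts as $k=>$v)
			// An attribute that occurs more than once is parsed as an array
			foreach ((array) $v as $x)
				$rdn[] = sprintf('%s=%s',$k,$x);

		return implode(',',$rdn);
	}

	/**
	 * Convert a serial number to colon separated, upper case hex bytes.
	 *
	 * The conversion works on the decimal digits as a string. Certificate
	 * serial numbers are routinely wider than a PHP integer, and dividing them
	 * as numbers silently rounds them, giving a serial that matches no
	 * certificate.
	 *
	 * @param mixed $number Decimal digits, or hex digits with a 0x prefix
	 * @return string eg '01:00' for 256, '00' for zero, '' for anything that
	 *                is not a non-negative whole number
	 */
	private static function dec_to_hex($number) {
		$number = trim((string) $number);

		// Accept a value that is already hex (0x prefix) without converting it
		if (preg_match('/^0x([0-9a-f]+)$/i',$number,$match))
			$hex = strtoupper($match[1]);

		elseif (preg_match('/^[0-9]+$/',$number)) {
			$hex = '';
			$number = ltrim($number,'0');

			// Long division by 16, one decimal digit at a time
			while ($number !== '') {
				$quotient = '';
				$rem = 0;
				$len = strlen($number);

				for ($i=0; $i<$len; $i++) {
					$cur = $rem*10+(int) $number[$i];
					$q = (int) ($cur/16);
					$rem = $cur%16;

					// Do not collect leading zeros of the quotient
					if ($quotient !== '' OR $q)
						$quotient .= $q;
				}

				$hex = strtoupper(dechex($rem)).$hex;
				$number = $quotient;
			}

		} else
			return '';

		$hex = ltrim($hex,'0');

		if ($hex === '')
			return '00';

		// Whole bytes only, so that the pairs line up from the right
		if (strlen($hex)%2)
			$hex = '0'.$hex;

		return implode(':',str_split($hex,2));
	}
}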
?>